/etc/shadow equivalent without a source license!

Paul De Bra debra at alice.UUCP
Wed Mar 8 01:24:56 AEST 1989


In article <13314 at steinmetz.ge.com> davidsen at crdos1.UUCP (bill davidsen) writes:
>  I don't understand this response at all. The proposal was for a file
>(/etc/shadow) which would hold the real password and be readable only to
>root, and the standard password file (/etc/password) which had the same
>info with the password replaced by 'x'. This sounds like a totally
>workable solution. I see no reason why having non-secret stuff in the
>shadow file hurts anything...

Oops, I goofed while reading the message. Sorry about that.

But, it may be a bit more tricky than you suspect though. You may want to
check which other programs look in /etc/passwd to find the password.
Like, what happens when you want to enter "maintenance mode" (in Xenix) ?
And wouldn't you want routines like getpwent() to give you the real
encrypted password when invoked by root or something?
And what about other programs that may exist and change the password file,
like chsh (don't know exactly which ones exist in Xenix). They too should
change the shadow file...

Paul.
-- 
------------------------------------------------------
|debra at research.att.com   | uunet!research!debra     |
------------------------------------------------------



More information about the Comp.unix.questions mailing list